Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/cce20b-4d5a-48f8-b88e-81039f3cf3fd/1/_4mH36AkjxNVNHJQttdhllQO9LE.roa
File: _4mH36AkjxNVNHJQttdhllQO9LE.roa (raw, json)
Hash identifier: 1QzrlZccVRkuv6sXzvDUix8HPBL/49l8PLcYWd8By7Y=
Subject key identifier: FF:89:87:DF:A0:24:8F:13:55:34:72:50:B6:D7:61:96:54:0E:F4:B1
Certificate issuer: /CN=7d02fa2c5ba2892045e7cd50a5adfd54d6dbb8c2
Certificate serial: 018E4777EB2040FA12AE80480A78B59E32BA
Authority key identifier: 7D:02:FA:2C:5B:A2:89:20:45:E7:CD:50:A5:AD:FD:54:D6:DB:B8:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQL6LFuiiSBF581Qpa39VNbbuMI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/cce20b-4d5a-48f8-b88e-81039f3cf3fd/1/_4mH36AkjxNVNHJQttdhllQO9LE.roa
Signing time: Sat 16 Mar 2024 13:33:44 +0000
ROA not before: Sat 16 Mar 2024 13:33:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201205
IP address blocks: 37.230.120.0/21 maxlen: 21
78.24.168.0/21 maxlen: 21
147.12.64.0/19 maxlen: 24
147.12.64.0/24 maxlen: 24
176.62.136.0/21 maxlen: 21
185.29.4.0/22 maxlen: 22
193.53.101.0/24 maxlen: 24
193.53.102.0/24 maxlen: 24
2a01:5c00::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 24 Mar 2024 06:27:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:47:77:eb:20:40:fa:12:ae:80:48:0a:78:b5:9e:32:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d02fa2c5ba2892045e7cd50a5adfd54d6dbb8c2
Validity
Not Before: Mar 16 13:33:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff8987dfa0248f1355347250b6d76196540ef4b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3c:ee:1b:fd:2e:d8:b1:e3:33:9b:75:b1:1f:
8a:ef:db:13:13:ee:29:50:43:02:11:1a:5c:fd:2a:
59:e6:9c:55:af:61:35:8d:b7:3b:08:b2:2e:2e:05:
12:bc:40:68:c3:72:72:d4:88:7f:d3:28:b5:04:f9:
94:a2:ed:0f:4d:3d:8a:0c:7c:79:ae:39:98:3a:d4:
10:5d:7c:4b:a6:87:96:dd:ac:ed:67:f5:55:a6:23:
48:cf:d2:7b:25:31:f4:a1:64:e5:71:54:ec:f2:3a:
1c:a6:be:af:52:07:d5:25:11:49:7b:94:11:56:6b:
d7:cf:7d:2d:b0:6d:1b:87:f6:a7:99:41:5a:c4:ae:
22:8a:bd:3a:8a:bc:83:f1:5b:ec:3d:8e:5c:65:6d:
f8:ac:d0:64:34:01:6c:1f:60:a3:fa:df:eb:c4:c7:
68:f8:71:a3:aa:97:7d:49:ab:94:7c:13:5d:ca:19:
32:57:4f:f9:df:32:11:70:41:01:f4:30:da:31:f4:
b9:a3:83:0a:e2:d8:6f:bc:bd:d6:e1:2a:d2:33:b6:
f9:26:71:9a:00:0a:04:bd:f0:65:6e:39:84:dc:f1:
4e:fc:f0:0c:e4:20:92:a8:f9:fa:5c:08:e6:16:78:
ed:95:54:01:02:02:f9:71:3e:9d:ce:46:1b:a8:9f:
62:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:89:87:DF:A0:24:8F:13:55:34:72:50:B6:D7:61:96:54:0E:F4:B1
X509v3 Authority Key Identifier:
keyid:7D:02:FA:2C:5B:A2:89:20:45:E7:CD:50:A5:AD:FD:54:D6:DB:B8:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQL6LFuiiSBF581Qpa39VNbbuMI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/cce20b-4d5a-48f8-b88e-81039f3cf3fd/1/_4mH36AkjxNVNHJQttdhllQO9LE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/cce20b-4d5a-48f8-b88e-81039f3cf3fd/1/fQL6LFuiiSBF581Qpa39VNbbuMI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.120.0/21
78.24.168.0/21
147.12.64.0/19
176.62.136.0/21
185.29.4.0/22
193.53.101.0-193.53.102.255
IPv6:
2a01:5c00::/32
Signature Algorithm: sha256WithRSAEncryption
25:a1:32:6a:25:e4:bd:1e:7e:52:da:2a:62:76:fd:5c:8e:f6:
cb:74:95:82:ee:c2:9b:ac:ef:66:da:8a:7c:fc:9e:5f:4d:e4:
31:e9:43:00:d8:55:d6:47:63:97:30:b9:e9:5c:dc:80:51:de:
b8:a7:bf:22:b5:82:76:84:22:77:37:3e:7e:6c:95:7d:4b:e7:
eb:95:9f:78:c1:98:e8:98:10:c5:d6:07:86:3a:32:0b:da:7f:
9b:be:af:ec:b6:27:78:9e:4a:ed:88:cc:98:4d:d8:da:6e:04:
13:0a:30:d2:1d:9e:17:bd:e0:a9:a3:86:49:7e:58:97:c4:23:
b1:dd:8c:a7:6e:92:0d:aa:d1:0e:ab:b9:91:c8:10:98:25:02:
a0:1c:a3:8a:45:c1:75:bc:6c:fe:ce:4c:11:5f:30:eb:32:c5:
67:ef:f3:e2:15:86:04:b7:5b:69:47:b4:07:c3:02:46:1d:0b:
f2:e3:31:06:d4:b6:bb:32:f7:52:4a:bf:83:d7:f1:92:69:b1:
75:96:6f:ad:8f:07:54:a5:f0:41:bf:85:eb:4f:fd:56:00:f8:
65:99:64:54:ec:02:aa:35:35:49:1a:fb:00:9b:26:de:1f:43:
11:72:e2:fd:b5:0f:1c:6a:1d:14:d7:01:c6:6b:8a:8d:ad:68:
e2:e3:01:c2
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAY5Hd+sgQPoSroBICni1njK6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDJmYTJjNWJhMjg5MjA0NWU3Y2Q1MGE1YWRmZDU0ZDZk
YmI4YzIwHhcNMjQwMzE2MTMzMzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjg5ODdkZmEwMjQ4ZjEzNTUzNDcyNTBiNmQ3NjE5NjU0MGVmNGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzzuG/0u2LHjM5t1sR+K79sTE+4p
UEMCERpc/SpZ5pxVr2E1jbc7CLIuLgUSvEBow3Jy1Ih/0yi1BPmUou0PTT2KDHx5
rjmYOtQQXXxLpoeW3aztZ/VVpiNIz9J7JTH0oWTlcVTs8jocpr6vUgfVJRFJe5QR
VmvXz30tsG0bh/anmUFaxK4iir06iryD8VvsPY5cZW34rNBkNAFsH2Cj+t/rxMdo
+HGjqpd9SauUfBNdyhkyV0/53zIRcEEB9DDaMfS5o4MK4thvvL3W4SrSM7b5JnGa
AAoEvfBlbjmE3PFO/PAM5CCSqPn6XAjmFnjtlVQBAgL5cT6dzkYbqJ9ifQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFP+Jh9+gJI8TVTRyULbXYZZUDvSxMB8GA1UdIwQY
MBaAFH0C+ixbookgRefNUKWt/VTW27jCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFMNkxGdWlpU0JGNTgxUXBhMzlWTmJidU1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jY2UyMGItNGQ1YS00OGY4LWI4OGUt
ODEwMzlmM2NmM2ZkLzEvXzRtSDM2QWtqeE5WTkhKUXR0ZGhsbFFPOUxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jY2UyMGItNGQ1YS00OGY4LWI4OGUtODEwMzlmM2NmM2Zk
LzEvZlFMNkxGdWlpU0JGNTgxUXBhMzlWTmJidU1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQDJeZ4AwQD
ThioAwQFkwxAAwQDsD6IAwQCuR0EMAwDBADBNWUDBADBNWYwDQQCAAIwBwMFACoB
XAAwDQYJKoZIhvcNAQELBQADggEBACWhMmol5L0eflLaKmJ2/VyO9st0lYLuwpus
72bainz8nl9N5DHpQwDYVdZHY5cwuelc3IBR3rinvyK1gnaEInc3Pn5slX1L5+uV
n3jBmOiYEMXWB4Y6Mgvaf5u+r+y2J3ieSu2IzJhN2NpuBBMKMNIdnhe94Kmjhkl+
WJfEI7HdjKdukg2q0Q6ruZHIEJglAqAco4pFwXW8bP7OTBFfMOsyxWfv8+IVhgS3
W2lHtAfDAkYdC/LjMQbUtrsy91JKv4PX8ZJpsXWWb62PB1Sl8EG/hetP/VYA+GWZ
ZFTsAqo1NUka+wCbJt4fQxFy4v21DxxqHRTXAcZrio2taOLjAcI=
-----END CERTIFICATE-----
Generated at Sun Mar 24 09:35:39 2024 by rpki-client on console-fra.rpki-client.org